It should be noted that this is not the first time that the FBI has had increased scrutiny of digital assets this year. In particular, in January, the feds shut down cryptocurrency exchanger Bitzlato, which was actively used to launder illicit money. According to law enforcement authorities, the site was also being used by drug dealers – and the company’s management knew about it.

A short time later, users associated with the exchange were blocked on Binance. However, representatives of the platform admitted that this was the reason for the blockage.

Head of cryptocurrency exchange Binance

This time, a lone hacker was in the FBI’s crosshairs, whose activity led to serious financial losses for others.

How are cryptocurrency hackers found?

ZachXBT’s investigation consists of two parts, the first of which it published back in August. In a nutshell, someone under the nickname Cam sold a special form of Twitter access online – through which users’ sensitive information, including passwords, can be found out. HZ was one of the buyers, enabling him to hack more than twelve accounts of owners of expensive NFTs.

Twitter account hacking form advertised for sale

Back in April last year, ZachXBT mapped the flow of funds between the wallets of HZ and his associates under the pseudonyms Popbob and Two1. Here’s a relevant illustration.

A map of the flow of funds

Naturally, HZ threatened ZachXBT with a demand to delete the thread on Twitter. In this case, he wrote that Zach should be more careful – and this could indeed be seen as a threat.

Threats towards ZachXBT

But then the situation took an interesting turn – the hacker boasted about an expensive Audemars Piguet watch on Twitter. The watch he could only buy for crypto, well a large transaction in digital currency is not hard to trace.

HZ flexes watches

ZachXBT soon got in touch with the seller of that very watch. After explaining the problem to him, the crypto-enthusiast asked for cooperation – after all, the accessory was bought with someone else’s money. The seller agreed, providing the HZ address from which he paid for the item: 0xdc25df861f979a175bfe4f37d1562d45cdc5cd. The transaction itself is shown in the screenshot below.

Watch purchase transaction

The same wallet directly received funds from other addresses that were seen to be trafficking stolen crypto. Accordingly, the information converged, and the data was linked to each other.

The next step was a technical matter, i.e. numerous transactions had to be linked to all known incidents of account or platform hacking. A total of 86.5 ETH or $116,433 was confiscated from HZ, Bored Ape Yacht Club tokens #9658 and Doodle #3114 worth just over $100,000 in total and that very watch. According to Cointelegraph’s sources, the hacker’s arrest took place back in October last year, but all details have only now been released by law enforcement.

In this regard, representatives of the blockchain community joked about the popularity of NFTs. They are so widespread around the world, they say, that non-interchangeable tokens from the Bored Ape Yacht Club collection are being held by FBI officers, among others.

Ice cream truck in the style of BAYC’s NFT collection

The FBI has not released any information regarding ZachXBT’s involvement in the official investigation. However, a representative of the blockchain community himself said that the information he gathered was a good help in finding and catching the perpetrator. And so such investigations within cryptocurrencies could well lead to real punishment for the perpetrators, which is really gratifying.

😈 YOU CAN FIND MORE INTERESTING STUFF ON US AT YANDEX.ZEN!

Unfortunately, the revenue stream from scammers is unlikely to dry up – especially when blatantly fraudulent projects are willing to PR even celebrities. A few days ago a blogger called Coffeezilla ran a little experiment: he approached notorious MMA fighter Dillon Dennis and offered his Twitter account to promote a fake NFT project. He agreed for a fee of one thousand dollars and posted the advertisement without any complaints.

In the post itself, the project’s slogan “SourzNFT Candies are Moonbound!” folds into the acronym SCAM or “scam”. Denis also didn’t check the fact that the project website was set up on February 1 – just a few days ago, which is typical of scam schemes.

Tweet Coffeezilla

What’s particularly funny is that as part of the promotion Dillon Denis also posted a link to the website of the said NFT-project, with a page titled “Have you been scammed by Dillon Denis? It contains a collection of fraudulent NFT ads from Dillon on Twitter, which he had previously deleted.

A list of fraudulent ads from Dillon Denis

It is also worth noting that Denis clearly did not read the contract he signed either. Yet, it is clearly stated that Dillon agreed to be “the subject of a joke” or a prank. Therefore, the blogger is not under any claim, and the representative of the MMA community is to blame for it.

Part of the agreement with Dillon Denis to promote the NFT

By the way, Coffeezilla will soon release a video about this situation. The video is ready, and for now it is available to paid subscribers of the channel.

This incident shows that celebrities of all sizes should not be trusted in public statements. Well Coffeezilla has made it so that when a user attempts to release a fake NFT, a fraud alert is popped up. The latter can be taken as a reminder of the importance of researching any project before investing in it.


We believe that such cases are good for the cryptocurrency industry. Although this is a case of third-party intervention, which is not particularly consistent with decentralisation, it will make investors and users of digital assets feel safer one way or another. Still, this situation has made it clear that even the most technically advanced frauds do not necessarily end up in the loss of valuable assets. Well, hackers may face punishment.